Lucene search
PRIOn knowledge basePRION:CVE-2024-21782HistoryFeb 14, 2024 - 5:15 p.m.
Command injection
2024-02-1417:15:00
PRIOn knowledge base
www.prio-n.com
6
big-ip
big-iq
command injection
vulnerability
secure copy
arbitrary commands
cve-2020-5873
BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced shell (bash) can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an incomplete fix for CVE-2020-5873.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
References
Related
nvd
nvd
CVE-2024-21782
2024-02-14 17:15:12
CVE-2020-5873
2020-04-30 21:15:16
f5
f5
K98606833 : BIG-IP and BIG-IQ scp vulnerability CVE-2024-21782
2024-02-14 00:00:00
K03585731 : F5 secure shell vulnerability CVE-2020-5873
2020-04-30 00:00:00
K000138353 : Quarterly Security Notification (February 2024)
2024-02-14 00:00:00
nessus
nessus
F5 Networks BIG-IP : BIG-IP and BIG-IQ scp vulnerability (K98606833)
2024-02-14 00:00:00
F5 Networks BIG-IP : F5 secure shell vulnerability (K03585731)
2020-04-30 00:00:00
cvelist
cvelist
CVE-2024-21782 BIG-IP and BIG-IQ secure copy vulnerability
2024-02-14 16:30:20
CVE-2020-5873
2020-04-30 20:21:54
cve
cve
CVE-2024-21782
2024-02-14 17:15:12
CVE-2020-5873
2020-04-30 21:15:16
prion
prion
Cross site request forgery (csrf)
2020-04-30 21:15:00